Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kraditheo
New Contributor

Can We Alert Traffic Shaping Rule?

Hi,

I want to ask, is it possible to trigger an event on FortiGate when traffic reach or exceed traffic shaping (TS) rule?

Let's say, if there is a TS rule on LAN to WAN interface that say limit traffic to 5 MB,

is it possible to trigger event when the actual throughput from LAN to WAN interface reach or exceed 5 MB,

and then send an email notification when the event occur.

Please tell me how it works.

Thanks a lot.

4 REPLIES 4
gschmitt
Valued Contributor

Not as far as I know but I don't actually see what the benefit of this would be

 

TCP traffic, by protocol, tries to establish the maximum bandwidth and transport at it

kraditheo

gschmitt wrote:

Not as far as I know but I don't actually see what the benefit of this would be

 

TCP traffic, by protocol, tries to establish the maximum bandwidth and transport at it

The use case of this is to alert user when one of their interface have maximum bandwidth allowed and have possibility to experience packet drop.

vjoshi_FTNT
Staff
Staff

Hello,

 

Not for the Traffic Shaping. Though you have more control on the browsing with the web filter quota, where even the user is notified on how much bandwidth he has used.

 

However, it has some limitations as it is only applicable for the WEB traffic.

 

Application control has got traffic shaping options, which I believe should generate logs, worth a check.

 

 

AtiT
Valued Contributor

Hi,

You should able to do it from FortiAnalyzer. The traffic log contains fields for Bytes Dropped - see the attached image.

Tested for high bandwidth connection (shaper was shaping the traffic) and low bandiwth (shaper was not active - line BW did not reached the shaper limit).

 

Probably you can do it from some syslog server where you will check these fields in the traffic log and send an email.

 

AtiT

AtiT
Labels
Top Kudoed Authors